b3b03f850643e1cf464e7092044b6a0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3b03f850643e1cf464e7092044b6a0b_JaffaCakes118
Size

202KB
MD5

b3b03f850643e1cf464e7092044b6a0b
SHA1

e2bae83d9deae4779bb30996f13e85f00750ec1c
SHA256

90d3206daecbccb9c0f010beb23373f488c0a0439f9aa330ea4596573f31954c
SHA512

0a6d8a65c3482450ef1942a89561b276366727d8e885082075d607feb6d5025b5282188f2375cfff17a92c7629d2760608d099bc0ba13f83dd87acf6ff597484
SSDEEP

6144:7+XNYhtYxxDpsrXqL9A9mKvp40UuCsug:7YUYjDodLvO0rX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b03f850643e1cf464e7092044b6a0b_JaffaCakes118

Files

b3b03f850643e1cf464e7092044b6a0b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27614f399e31e494ae75761544a3c9b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

SetBkMode

advapi32

RegOpenKeyW

comctl32

InitCommonControlsEx

shell32

SHGetFolderPathW

wininet

InternetOpenW

shlwapi

PathAppendW

Sections

.MPRESS1
Size: 170KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE